Synopsis
The remote proxy server is affected by multiple attack vectors.
Description
Versions of Squid 3.5.x prior to 3.5.18 are affected by multiple vulnerabilities :
- A flaw is triggered as input is not properly validated when handling HTTP request messages. This may allow a remote attacker to conduct a cache poisoning attack.
- A flaw is triggered as input is not properly sanitized when handling specially crafted host headers. This may allow a remote attacker to bypass same-origin protection mechanisms and cause the program to contact the wrong origin server. This may also poison downstream caches.
- Flaws in pointer handling and reference counting are triggered when handling specially crafted ESI response syntax. This may allow a remote server to cause a denial of service for Squid clients.
Solution
Either upgrade to Squid version 3.5.18 or later, or apply the vendor-supplied patch.